Y
Hacker News
new
|
ask
|
show
|
jobs
by
HorstG
2380 days ago
Yes. Namespace support has been a great source of CVEs, and disabling all kinds of unneeded namespace functionalities is one of the first steps when hardening a Linux kernel.